THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
General Meeting/Minutes/2020-06-04
From SPDX Wiki
< General Meeting | Minutes
- Attendance: 17
- Lead by Phil Odence
- Minutes of May meeting
Contents
Presentation - Health Care PoC & NTiA, Ed Heierman, Abbott Labs
- Discussed medical device manufacturers’ development of proof-of-concept SBOMs using SPDX
- Demonstrated tag-value SPDX file, and tooling to generate through Excel spreadsheets as well as an open online tool
- the latter is also able to import existing SPDX files
- He will make slides available.
Tech Team Report - Kate / Gary
- GSoC
- Coding period just started
- Also doing funding for one student through CommunityBridge Mentorships, will start in July
- Tools
- Java tooling updated to released 2.2 spec
- Python – partial implementation, still in progress
- Spec
- v2.2 published
- now focusing on refactoring into specific profiles for v3.0 – security; revised licensing profile
- also transforming v2.2 spec into format for submission to ISO
- if looking at repo, will be seeing churn from section renumbering, table formats, etc. to align with ISO guidelines – will be v2.2.1
- will use transformed version as basis for v3.0
- active areas: security, licensing, base, integrity, usage rules (lifecycle of software, etc.)
- Tuesday weekly calls as well as out-of-band calls
- SPDX Japan calls – once a month, happening second Monday of each month – 8PM Eastern, for now reach out to Kate for invite (will document on website)
Legal Team Report - Jilayne/Paul/Steve
- License List
- v3.9 released in May
- Announcement: https://spdx.dev/license-list-v3-9-released/
- Continuing with v3.10 work, good involvement from new participants
Outreach Team Report – Steve (Jack unable to attend)
- Website
- static website migrated from Drupal to WordPress, now at https://spdx.dev
- old license list URLs remain the same under https://spdx.org/licenses
- redirects should be seamless from old to new URLs (and vice versa)
- now turning to updating old content on the static pages, etc.
- any issues, suggestions, feedback can be emailed to Jack, Kate and Steve, or submitted at https://github.com/spdx/spdx-website/issues
Attendees
- Phil Odence, Black Duck/Synopsys
- Ed Heieman, Abbott Labs
- Kate Stewart, Linux Foundation
- Gary O’Neall, SourceAuditor
- Steve Winslow, LF
- Alexios Zavras, Intel
- Takashi Ninjouji, Toshiba
- Peter Shin, Canvass Labs
- Jilayne Lovejoy, Canonical
- Emmanuel Tournier, Black Duck/Synopsys
- David Wheeler, Linux Foundation
- Mike Dolan, Linux Foundation
- Ed Heierman, Abbott Labs
- Mark Atwood, Amazon
- Jeremiah Foster, Purism
- Mark Baushke, Juniper
- McCoy Smith, LexPan
• • •